<?php
/**
 * @author        faithsmine@gmail.com
 * @copyright     www
 * @version       1.1
 * @name          common.php
 * @todo          整站文件基本都会包含，程序运行时，需要起始运行的程序
 * @final         2008-08-13
 */
!defined("IN_YCTOOL") && exit();

/**
 * 配置session cookie 域 
 */
$strlentemp = strlen(DOMAIN);
$httpHosttemp = strtolower(substr(YCTOOL_HTTPHOST, -$strlentemp));
unset($strlentemp);
if($httpHosttemp == DOMAIN)
{
    session_set_cookie_params(0 , '/', '.' . DOMAIN);
}
else
{
    session_set_cookie_params(0 , '/', '');
}

unset($httpHosttemp);
session_cache_expire(360);

/**
 * 表单数据不丢失配置 
 */
if(function_exists(session_cache_limiter))
{ 
    //session_cache_limiter("private");   //返回，表单数据不丢失 , must-revalidate
}

session_start();					//开启SESSION
header("Content-Type:text/html;charset=" . CHARSET);    //规定页面字符集

set_magic_quotes_runtime(0);

//校正特殊字符添加 \ 转化。
if (!get_magic_quotes_gpc())
{
    func::adsslashesArray($_POST);
    func::adsslashesArray($_GET);
    func::adsslashesArray($_COOKIE);
}
/**
 * 获取二级域名
 */
//从网站网址中获取 网站用户名
$HTTPHOST = str_replace('.' . DOMAIN, '', YCTOOL_HTTPHOST);
if(strlen($HTTPHOST) > SECONDMAIN)
{
    $secname = $HTTPHOST;
}
unset($HTTPHOST);

/**
 * 语言设置
 */
require_once(DIR_DATA . LANGSET.'/lang.php');

/**
 * autoload 导入需要使用的类
 */
//**
function __autoload($class_name)
{
    if($class_name == "db" || $class_name == "func")
    {
	require_once(DIR_COMM . $class_name . '.class.php');
    }
    else
    { 
	require_once(DIR_MODEL . $class_name . '.class.php');
    }
}
// */

$user = new user();
$userids = $user->userinfo['userid'];
if($user->userinfo['roles'] == 3 &&
    $_SERVER[REQUEST_URI] != '/login.php?action=logout')
{
    func::alertMsg('您的帐户已被冻结', '/login.php?action=logout');
}

//处理二级域名的uid
if($secname)
{
    $uid = $user->getOneItem($secname);
}

/**
 * 处理权限
 */
$authDir = str_replace(str_replace('\\', "/", str_replace('/usr', "", strtolower(ROOT_DIR))), "", str_replace('\\', "/", strtolower(dirname($_SERVER['SCRIPT_FILENAME']))));
if (@strpos("/", $authDir) == 0)
{
	$authDir = substr($authDir, 1);
}
if ($authDir == "")
{
	$authDir = "/";
}

//javascript 路径处理目前先采用两级，将来再用数组循环扩展
$authDir != '/' && $javascriptPath = '../';

//获取文件头
$authPage = basename($_SERVER['SCRIPT_FILENAME'], ".php");

//权限处理
$role = $user->userinfo['roles'];

if (!in_array($role, array(1, 2)) && $userids)
{
    func::showMsg('您没有操作本目录的权限！', $javascriptPath);
}

/*
$RO = explode(",", $user->userinfo['cellids']);
$user->userinfo['cellids'];
$authcell = func::readArrayCahce(DIR_CACHE.'sys', 'auth');
$pageCellid = array();
$getCellid = array();
$postCellid = array();
foreach($authcell as $iskey => $item)
{
    if($authDir == $item['celltitle'] && $item['celltype'] == 1)
    {
	$dirCellid = $item['cellid'];
	$dirAllow = $item['cellallow'];
    }

    if($authPage == $item['celltitle'] && $item['celltype'] == 2)
    {
	$pageCellid[$iskey]['cellid'] = $item['cellid'];
	$pageCellid[$iskey]['parentid'] = $item['parentid'];
	$pageCellid[$iskey]['cellallow'] = $item['cellallow'];
    }
    //权限 ：处理GET参数 .
    foreach ($_GET as $key => $value)
    {
	$Str = $key . '=' . $value;
	if($Str == $item['celltitle'] && $item['celltype'] == 3)
	{
	    $getCellid[$iskey]['cellid'] = $item['cellid'];
	    $getCellid[$iskey]['parentid'] = $item['parentid'];
	    $getCellid[$iskey]['cellallow'] = $item['cellallow'];
	}
    }
    //权限 ：处理POST参数 .
    foreach ($_POST as $key => $value)
    {
	$Str = $key . '=' . $value;
	if($getStr == $item['celltitle'] && $item['celltype'] == 3)
	{
	    $postCellid[$iskey]['cellid'] = $item['cellid'];
	    $postCellid[$iskey]['parentid'] = $item['parentid'];
	    $postCellid[$iskey]['cellallow'] = $item['cellallow'];
	}
    }
}
unset($Str);
unset($authcell);
//如果没有得到配置，则默认可以访问。
//判定有无操作本目录的权限
if (!in_array($dirCellid, $RO) && $dirCellid && $dirAllow == 0)
{
    func::showMsg('您没有操作本目录的权限！', $javascriptPath);
}
unset($dirAllow);
//判定有无操作本文件的权限
foreach ($pageCellid as $key => $item)
{
    if($dirCellid == $item['parentid'] && $item['cellid'] && $dirCellid)
    {
	$pageid = $item['cellid'];
	if (!in_array($pageid, $RO) && $item['cellallow'] == 0)
	{
	    func::showMsg('您没有操作本文件的权限！', $javascriptPath);
	}
    }
}
unset($dirCellid);
unset($pageCellid);
//判定有无操作GET参数的权限
foreach ($getCellid as $key => $item)
{
    if($pageid == $item['parentid'] && $item['cellid'] && $pageid)
    {
	if (!in_array($item['cellid'], $RO) && $item['cellallow'] == 0)
	{
	    func::showMsg('您没有操作GET参数的权限！', $javascriptPath);
	}
    }
}
unset($getCellid);
//判定有无操作POST参数的权限
foreach ($postCellid as $key => $item)
{
    if($pageid == $item['parentid'] && $item['cellid'] && $pageid)
    {
	if (!in_array($item['cellid'], $RO) && $item['cellallow'] == 0)
	{
	    func::showMsg('您没有操作POST参数的权限！', $javascriptPath);
	}
    }
}
//释放所有不必要的消耗
unset($pageid);
unset($postCellid);
unset($RO);
*/

function echo_s($str)
{
    echo(htmlspecialchars($str));
}
?>
